diff --git a/make/common/templates/ui/env b/make/common/templates/ui/env index 1f6b2052b..8af46020a 100644 --- a/make/common/templates/ui/env +++ b/make/common/templates/ui/env @@ -3,11 +3,11 @@ MYSQL_PORT=3306 MYSQL_USR=root MYSQL_PWD=$db_password REGISTRY_URL=http://registry:5000 +JOB_SERVICE_URL=http://jobservice UI_URL=http://ui CONFIG_PATH=/etc/ui/app.conf -HARBOR_REG_URL=$hostname +EXT_REG_URL=$hostname HARBOR_ADMIN_PASSWORD=$harbor_admin_password -HARBOR_URL=$ui_url AUTH_MODE=$auth_mode LDAP_URL=$ldap_url LDAP_SEARCH_DN=$ldap_searchdn @@ -26,3 +26,4 @@ EXT_ENDPOINT=$ui_url TOKEN_ENDPOINT=http://ui VERIFY_REMOTE_CERT=$verify_remote_cert TOKEN_EXPIRATION=$token_expiration +CREATE_PROJECT_RESTRICTION=$create_project_restriction diff --git a/make/harbor.cfg b/make/harbor.cfg index f2d00554e..4a2e935ea 100644 --- a/make/harbor.cfg +++ b/make/harbor.cfg @@ -2,11 +2,11 @@ #The IP address or hostname to access admin UI and registry service. #DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients. -hostname = reg.mydomain.com +hostname = 10.117.4.174 #The protocol for accessing the UI and token/notification service, by default it is http. #It can be set to https if ssl is enabled on nginx. -ui_url_protocol = http +ui_url_protocol = https #Email account settings for sending out password resetting emails. email_identity = Mail Config diff --git a/src/common/config/config.go b/src/common/config/config.go index 121cc9cb2..2615bb0fd 100644 --- a/src/common/config/config.go +++ b/src/common/config/config.go @@ -29,13 +29,13 @@ type ConfigLoader interface { // EnvConfigLoader loads the config from env vars. type EnvConfigLoader struct { - keys []string + Keys []string } // Load ... func (ec *EnvConfigLoader) Load() (map[string]string, error) { m := make(map[string]string) - for _, k := range ec.keys { + for _, k := range ec.Keys { m[k] = os.Getenv(k) } return m, nil @@ -48,17 +48,17 @@ type ConfigParser interface { } type Config struct { - config map[string]interface{} - loader ConfigLoader - parser ConfigParser + Config map[string]interface{} + Loader ConfigLoader + Parser ConfigParser } -func (conf *Config) load() error { - rawMap, err := conf.loader.Load() +func (conf *Config) Load() error { + rawMap, err := conf.Loader.Load() if err != nil { return err } - err = conf.parser.Parse(rawMap, conf.config) + err = conf.Parser.Parse(rawMap, conf.Config) return err } @@ -121,50 +121,50 @@ var commonConfig *Config func init() { commonKeys := []string{"DATABASE", "MYSQL_DATABASE", "MYSQL_USR", "MYSQL_PWD", "MYSQL_HOST", "MYSQL_PORT", "SQLITE_FILE", "VERIFY_REMOTE_CERT", "EXT_ENDPOINT", "TOKEN_ENDPOINT", "LOG_LEVEL"} commonConfig = &Config{ - config: make(map[string]interface{}), - loader: &EnvConfigLoader{keys: commonKeys}, - parser: &commonParser{}, + Config: make(map[string]interface{}), + Loader: &EnvConfigLoader{Keys: commonKeys}, + Parser: &commonParser{}, } - if err := commonConfig.load(); err != nil { + if err := commonConfig.Load(); err != nil { panic(err) } } // Reload will reload the configuration. func Reload() error { - return commonConfig.load() + return commonConfig.Load() } // Database returns the DB type in configuration. func Database() string { - return commonConfig.config["database"].(string) + return commonConfig.Config["database"].(string) } // MySQL returns the mysql setting in configuration. func MySQL() MySQLSetting { - return commonConfig.config["mysql"].(MySQLSetting) + return commonConfig.Config["mysql"].(MySQLSetting) } // SQLite returns the SQLite setting func SQLite() SQLiteSetting { - return commonConfig.config["sqlite"].(SQLiteSetting) + return commonConfig.Config["sqlite"].(SQLiteSetting) } // VerifyRemoteCert returns bool value. func VerifyRemoteCert() bool { - return commonConfig.config["verify_remote_cert"].(bool) + return commonConfig.Config["verify_remote_cert"].(bool) } // ExtEndpoint ... func ExtEndpoint() string { - return commonConfig.config["ext_endpoint"].(string) + return commonConfig.Config["ext_endpoint"].(string) } // TokenEndpoint returns the endpoint string of token service, which can be accessed by internal service of Harbor. func TokenEndpoint() string { - return commonConfig.config["token_endpoint"].(string) + return commonConfig.Config["token_endpoint"].(string) } func LogLevel() string { - return commonConfig.config["log_level"].(string) + return commonConfig.Config["log_level"].(string) } diff --git a/src/ui/auth/authenticator.go b/src/ui/auth/authenticator.go index 4032e83c0..23abdc8f2 100644 --- a/src/ui/auth/authenticator.go +++ b/src/ui/auth/authenticator.go @@ -17,11 +17,11 @@ package auth import ( "fmt" - "github.com/vmware/harbor/src/common/utils/log" - "os" "time" "github.com/vmware/harbor/src/common/models" + "github.com/vmware/harbor/src/common/utils/log" + "github.com/vmware/harbor/src/ui/config" ) // 1.5 seconds @@ -50,7 +50,7 @@ func Register(name string, authenticator Authenticator) { // Login authenticates user credentials based on setting. func Login(m models.AuthModel) (*models.User, error) { - var authMode = os.Getenv("AUTH_MODE") + var authMode = config.AuthMode() if authMode == "" || m.Principal == "admin" { authMode = "db_auth" } diff --git a/src/ui/controllers/password.go b/src/ui/controllers/password.go index 83d23a60d..e026ab20f 100644 --- a/src/ui/controllers/password.go +++ b/src/ui/controllers/password.go @@ -8,6 +8,7 @@ import ( "text/template" "github.com/astaxie/beego" + "github.com/vmware/harbor/src/common/config" "github.com/vmware/harbor/src/common/dao" "github.com/vmware/harbor/src/common/models" "github.com/vmware/harbor/src/common/utils" @@ -49,7 +50,7 @@ func (cc *CommonController) SendEmail() { message := new(bytes.Buffer) - harborURL := os.Getenv("HARBOR_URL") + harborURL := config.ExtEndpoint() if harborURL == "" { harborURL = "localhost" }